1 /**
2  * ============LICENSE_START====================================================
3  * org.onap.aaf
4  * ===========================================================================
5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6  * ===========================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  * 
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  * 
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END====================================================
19  *
20  */
21
22 package org.onap.aaf.auth.oauth.service;
23
24 import java.util.List;
25 import java.util.Set;
26
27 import org.onap.aaf.auth.dao.cass.PermDAO;
28 import org.onap.aaf.auth.dao.hl.Question;
29 import org.onap.aaf.auth.env.AuthzTrans;
30 import org.onap.aaf.auth.layer.Result;
31 import org.onap.aaf.cadi.CadiException;
32 import org.onap.aaf.cadi.aaf.v2_0.AAFCon;
33 import org.onap.aaf.cadi.client.Future;
34 import org.onap.aaf.cadi.client.Rcli;
35 import org.onap.aaf.cadi.config.Config;
36 import org.onap.aaf.misc.env.APIException;
37 import org.onap.aaf.misc.env.Env;
38 import org.onap.aaf.misc.env.TimeTaken;
39
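public class JSONPermLoaderFactory {
    /**
     * Creates a loader that reads a user's permissions as JSON from the AAF service over the network.
     *
     * <p>The returned loader issues a read for {@code /authz/perms/user/<user>?scopes=<s1>:<s2>...}
     * and maps the outcome to a {@link Result}: the response body on success,
     * {@code ERR_NotFound} on HTTP 404, and {@code ERR_Backend} for any other failure.
     *
     * @param aafcon  connection used to obtain a client acting as the transaction's user principal
     * @param timeout value handed to {@code Future.get(timeout)}; the unit is not visible in this
     *                file (presumably milliseconds; confirm against {@code Future})
     * @return a loader backed by the remote AAF service
     */
    public static JSONPermLoader remote(final AAFCon<?> aafcon, final int timeout) {
        return new JSONPermLoader() {
            @Override
            public Result<String> loadJSONPerms(AuthzTrans trans, String user, Set<String> scopes) throws APIException, CadiException {
                Rcli<?> c = aafcon.clientAs(Config.AAF_DEFAULT_VERSION, trans.getUserPrincipal());
                // NOTE(review): user and every scope are concatenated into the request path and
                // query string without percent-encoding or validation. A value containing '/',
                // '?', '&' or '#' would change which resource or parameters the AAF service
                // sees. Confirm that callers validate both inputs; encoding here is only safe
                // once the service's decoding of path segments has been verified.
                StringBuilder pathinfo = new StringBuilder("/authz/perms/user/");
                pathinfo.append(user);
                pathinfo.append("?scopes=");
                boolean first = true;
                for (String s : scopes) {
                    // Scopes are ':'-separated within the single "scopes" parameter.
                    if (first) {
                        first = false;
                    } else {
                        pathinfo.append(':');
                    }
                    pathinfo.append(s);
                }
                TimeTaken tt = trans.start("Call AAF Service", Env.REMOTE);
                try {
                    Future<String> fs = c.read(pathinfo.toString(), "application/Perms+json;charset=utf-8;version=2.0");
                    if (fs.get(timeout)) {
                        return Result.ok(fs.body());
                    } else if (fs.code() == 404) {
                        return Result.err(Result.ERR_NotFound, fs.body());
                    } else {
                        return Result.err(Result.ERR_Backend, "Error accessing AAF %s: %s", Integer.toString(fs.code()), fs.body());
                    }
                } finally {
                    // Always close the timing record, including when read/get throws.
                    tt.done();
                }
            }
        };
    }

    /**
     * Creates a loader that builds the permission JSON locally from {@code question}'s lookup.
     *
     * <p>Only permissions whose namespace is contained in {@code scopes} are emitted. Each one is
     * written as {@code {"type":"<ns>.<type>","instance":"...","action":"..."}} inside a
     * top-level {@code {"perm":[...]}} object. A failed lookup is returned as an error result.
     *
     * @param question source of the per-user permission lookup
     * @return a loader backed by {@code question.getPermsByUser}
     */
    public static JSONPermLoader direct(final Question question) {
        return new JSONPermLoader() {
            @Override
            public Result<String> loadJSONPerms(AuthzTrans trans, String user, Set<String> scopes) throws APIException, CadiException {
                TimeTaken tt = trans.start("Cached DB Perm lookup", Env.SUB);
                Result<List<PermDAO.Data>> pd;
                try {
                    // The meaning of the trailing 'false' is not visible here; verify against Question.
                    pd = question.getPermsByUser(trans, user, false);
                } finally {
                    tt.done();
                }
                if (pd.notOK()) {
                    return Result.err(pd);
                }
                // The document is assembled by hand, so every stored value is escaped before it
                // is placed between quotes. Without that, a permission field holding a quote or
                // backslash would yield malformed JSON or inject extra keys/permissions into
                // the document handed to the consumer.
                StringBuilder sb = new StringBuilder("{\"perm\":[");
                boolean first = true;
                for (PermDAO.Data d : pd.value) {
                    if (scopes.contains(d.ns)) {
                        if (first) {
                            first = false;
                        } else {
                            sb.append(',');
                        }
                        sb.append("{\"type\":\"");
                        appendJsonEscaped(sb, d.ns);
                        sb.append('.');
                        appendJsonEscaped(sb, d.type);
                        sb.append("\",\"instance\":\"");
                        appendJsonEscaped(sb, d.instance);
                        sb.append("\",\"action\":\"");
                        appendJsonEscaped(sb, d.action);
                        sb.append("\"}");
                    }
                }
                sb.append("]}");
                return Result.ok(sb.toString());
            }
        };
    }

    /**
     * Appends {@code value} to {@code sb} as the content of a JSON string literal.
     *
     * <p>Quote, backslash and control characters below U+0020 are escaped; everything else is
     * copied unchanged, so values without those characters produce the same output as a plain
     * append. A {@code null} value is appended as the text {@code null}, as a plain append would.
     */
    private static void appendJsonEscaped(StringBuilder sb, String value) {
        String text = String.valueOf(value);
        for (int i = 0; i < text.length(); i++) {
            char ch = text.charAt(i);
            if (ch == '"' || ch == '\\') {
                sb.append('\\').append(ch);
            } else if (ch < 0x20) {
                // Control characters are not allowed raw inside a JSON string.
                sb.append("\\u00")
                  .append(Character.forDigit(ch >> 4, 16))
                  .append(Character.forDigit(ch & 0xF, 16));
            } else {
                sb.append(ch);
            }
        }
    }

}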